Unlike some malware and spyware attacks, IceFog is sophisticated, relentless, and highly targeted. First identified in 2011, IceFog is a program designed to steal data. More recent reports of IceFog on macOS show that this malware is still around.
Here, we look at the IceFog threat in more detail and share how to remove it.
What is IceFog?
IceFog has been described as a hit-and-run advanced persistent threat campaign.
It could easily be the work of a hostile nation-state or, as in other attacks we’ve seen, a third-party group acting on another country’s behalf. Given that the attacks have been against industrial leaders, media, technology, defense contractors, and supply chain companies, it almost sounds like something out of a spy movie. North Korea, China, or Russia could be behind it, and in many cases, victims won’t know what has been taken and may not report it. For some victims of attacks such as these, people could lose jobs if they’re found to be in breach of security procedures. Hostile nations will use any advantage to exploit a vulnerability.
[Image: a part of IceFog malware code planted in the infected macOS]
Secrets are valuable, so if you work for a company where you get sensitive information on a laptop or phone, it is worth asking to have a VPN installed, or whenever possible, don’t send anything through to your personal device. It might help to keep your employer’s or client’s information safe.
Can IceFog be removed manually?
Yes, although with some difficulty. Attacks like this will do everything they can to keep the backdoor open in case the victim has other useful secrets they can grab hold of at a later date.
It will take work, and perhaps a cybersecurity expert, to search through your files and identify the parts of the program that have taken control of your Mac. After that, carefully remove and delete them manually, then restart your Mac. Hopefully, the problem will have gone, although that can’t be guaranteed with the manual method. If you want to try your luck, check out this handy guide outlining all the steps needed to remove malware from Mac.
Another way is to install CleanMyMac X.
CleanMyMac X is a powerful Mac performance improvement app. It can identify and remove malware and other cyber threats, including IceFog, in only a few clicks. One scan, and your Mac is safe again.
- Download CleanMyMac X (a free version is available).
- Click on the Malware Removal tab.
- Click Scan.
- Click Remove to neutralize the threat.
IceFog should no longer be bothering you.
How to avoid IceFog and other threats
Malware like IceFog finds more and more ways to bypass macOS protection measures and get into your Mac. By following these simple rules, you can avoid many threats and keep your data safe at all times:
- Be careful when opening emails from sources you don’t know.
- Inspect links and attachments before clicking them.
- Download apps only from trustworthy app distributors.
- Notice when your Mac acts weird: if it’s running incredibly slowly, you’re bombarded with pop-up ads, and you find apps and extensions you didn’t add, these can be signs of malware.
For many Mac owners, IceFog isn’t a direct threat. However, software such as this is smart, and should its code be released into the wild, other cybercriminals won’t hesitate to exploit the capabilities of something that seems to have been created with state sponsorship and resources.